Arbitrary Code Injection Affecting agentc package, versions [,0.2.5a4)


Severity: critical (CVSS assessment by Snyk's Security Team)

  • Snyk ID: SNYK-PYTHON-AGENTC-14172804
  • Published: 4 Dec 2025
  • Disclosed: 2 Dec 2025
  • Credit: Unknown

Introduced: 2 Dec 2025

CVE: not available. CWE-94

How to fix?

Upgrade agentc to version 0.2.5a4 or higher.

Overview

agentc is the front-facing package for the Couchbase Agent Catalog project.

Affected versions of this package are vulnerable to Arbitrary Code Injection due to unsafe rendering of Jinja templates without automatic escaping. The Jinja environment is initialized without autoescape=True, allowing user-controlled template input to be interpreted as executable expressions within the rendered template. An attacker can exploit this by supplying crafted template content that injects shell commands or Python expressions, resulting in arbitrary command execution with the privileges of the application.
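The weak setting described above is easy to spot mechanically: a `jinja2.Environment` (or sandboxed variant) constructed without an `autoescape` argument, or with `autoescape=False`. The following is an added example, not code from the agentc project or from Snyk, showing a small stdlib-only checker that walks Python source with `ast` and reports such constructions. The three source snippets it scans are constructed for the example; the weak one mirrors the pattern in the advisory and the other two show the corrected forms (explicit `autoescape` via `select_autoescape`, and a `SandboxedEnvironment`).

```python
import ast
from typing import List

# Constructed sample sources for the checker (not the agentc project's code).
WEAK_SOURCE = '''
import jinja2
env = jinja2.Environment(loader=jinja2.FileSystemLoader("templates"))
'''

EXPLICITLY_DISABLED_SOURCE = '''
from jinja2 import Environment
env = Environment(autoescape=False)
'''

HARDENED_SOURCE = '''
from jinja2 import Environment, FileSystemLoader, select_autoescape
env = Environment(
    loader=FileSystemLoader("templates"),
    autoescape=select_autoescape(default=True),
)
'''

SANDBOX_SOURCE = '''
from jinja2.sandbox import SandboxedEnvironment
env = SandboxedEnvironment(autoescape=True)
'''

# Constructors whose autoescape default is False and therefore worth checking.
ENVIRONMENT_CTORS = {"Environment", "SandboxedEnvironment", "ImmutableSandboxedEnvironment"}


def _callee_name(node: ast.Call) -> str:
    """Return the bare constructor name for `jinja2.Environment(...)` or `Environment(...)`."""
    func = node.func
    if isinstance(func, ast.Attribute):
        return func.attr
    if isinstance(func, ast.Name):
        return func.id
    return ""


def _autoescape_enabled(node: ast.Call) -> bool:
    """True if the call passes an autoescape argument that is not the literal False."""
    for kw in node.keywords:
        if kw.arg == "autoescape":
            # autoescape=False is the explicit weak form; True or a
            # select_autoescape(...) call count as an enabled setting.
            if isinstance(kw.value, ast.Constant) and kw.value.value is False:
                return False
            return True
    # No keyword at all: jinja2's Environment defaults to autoescape=False.
    return False


def find_unescaped_environments(source: str, filename: str = "<string>") -> List[dict]:
    """Report every Jinja environment construction that leaves autoescape off."""
    findings = []
    tree = ast.parse(source, filename=filename)
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _callee_name(node) in ENVIRONMENT_CTORS:
            if not _autoescape_enabled(node):
                findings.append({"file": filename, "line": node.lineno, "callee": _callee_name(node)})
    return findings


if __name__ == "__main__":
    for name, src in [("weak.py", WEAK_SOURCE), ("disabled.py", EXPLICITLY_DISABLED_SOURCE),
                      ("hardened.py", HARDENED_SOURCE), ("sandbox.py", SANDBOX_SOURCE)]:
        for f in find_unescaped_environments(src, filename=name):
            print(f"{f['file']}:{f['line']}: {f['callee']}() constructed without autoescape enabled")
```

To run it over a code base, feed `find_unescaped_environments` the text of each file found with `pathlib.Path(".").rglob("*.py")`. Two caveats on what the check covers: `autoescape` governs escaping of values substituted into a template, which matters for HTML output contexts, while the second risk the advisory describes, user-controlled content reaching the template source itself, is addressed separately by only ever passing user data as `render()` variables and by using `SandboxedEnvironment` rather than the default `Environment` when untrusted templates are unavoidable.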
